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Abstract. Proving failure of queries for definite logic programs can be 
done by constructing a finite model of the program in which the query is 
false. A general purpose model generator for first order logic can be used 
for this. A recent paper presented at PLILP98 shows how the peculiarities 
of definite programs can be exploited to obtain a better solution. There 
a procedure is described which combines abduction with tabulation and 
uses a meta-interpreter for heuristic control of the search. The current 
paper shows how similar results can be obtained by direct execution 
under the standard tabulation of the XSB-Prolog system. The loss of 
control is compensated for by better intelligent backtracking and more 
accurate failure analysis. 



1 Introduction 

In @J methods are studied for proving that a query for a definite logic pro- 
gram fails. The general idea underlying all methods is the generation of a finite 
model of the definite program in which the query is false. However the approach 
developed in |2| is quite different from that used in general purpose model gen- 
erators for first order logic such as FINDER [jfo), SEM ||, and FMC atinf @- 
Whereas the latter systems search for a model in the space of interpretations, 
the former searches in the smaller space of pre-interpretations and applies a top- 
down proof procedure using tabulation to verify whether the query is false in 
the least model of the Horn theory based on the candidate pre-interpretation. 
Experiments in ||, an extended version of @J, show that the abductive proce- 
dure of |2) extended with intelligent backtracking fj| outperforms FINDER and 
FWLCatinf on problems where there are a large number of different interpreta- 
tions for a given pre-interpretation. The difference is not only in the number of 
backtracks, but also, for some problems, in time, and this notwithstanding the 
former is implemented as a straightforward meta-interpreter in Prolog while the 
latter are sophisticated implementations in a more low level language. 

The current paper describes how the meta-interpreter can be replaced by 
a more direct implementation in XSB-Prolog || [| which relies on the XSB 
system to perform the tabulation. This is not a straightforward task because 



of the intelligent backtracking and because the meta-interpreter does not follow 
the standard depth-first left-to-right search strategy but uses heuristics to direct 
the search towards early failures and selects the pre-interpretation on the fly, as 
components are needed by the proof procedure. To exploit the tabling system 
underlying XSB, one has to stick to the depth- first left-to-right execution order 
and one should not modify the program by creating new components of the 
pre-interpretation while evaluating a call to a tabled predicate. 

The random selection of an initial pre-interpretation, combined with the loss 
of control over the search results in a system which has to explore a substantially 
larger part of the search space than the original system. The paper introduces 
two innovations to compensate for this. Firstly, it uses a variant of intelligent 
backtracking which is much less dependent on the random initial order of the 
choice points. Secondly, it introduces a more accurate failure analysis, so that 
smaller conflict sets are obtained and that the intelligent backtracking selects its 
targets with more accuracy. 

The motivation for this research is in the world of planning. Planners are 
typically programs which search in an infinite space of candidate plans for a plan 
satisfying all requirements. The planner searches forever (until some resource is 
exhausted) when no candidate plan satisfies all requirements. Hence it is useful 
to have methods to show that the problem has no solution. It turns out that our 
approach outperforms first order model generators on planning problems. 

In the next section we recall some basic notions about semantic of definite 
logic programs. In Section ^ we describe our approach in more detail and then 
in Section ^ we show the results of testing our system on different problems. The 
comparison not only includes the model generator FINDER jnj as in |^], and 
FMCatinf as in g but also SEM @. 

2 Preliminaries 

Now we will recall some basic definitions about semantics of definite programs. 
Most of them are taken from ||. 

A pre-interpretation J of a program P consists of domain D = {di, . . . , d m }[] 
and for each n-ary function symbol / in P a mapping fj from D n to D. Follow- 
ing the literature on model generators, a term of the form f(d±, . . . , d n ) where 
dx, ■ ■ ■ , d n € D is called a cell. Given a program P and domain size m, the set of 
all cells is fixed. A pair (c, v) where c is a cell and v G D is the mapping of that 
cell is called a component and v the value of the component. A set of components 
defines a pre-interpretation if there is exactly one component (c, v) for each cell. 

A variable assignment V wrt. expression E and pre-interpretation J consists 
of an assignment of an element in the domain D for each variable in E. A 
term assignment wrt. J and V is defined as follows: each variable is given its 
assignment according to V; each constant is given its assignment according to 
J; if di,... , d n are the term assignments of t\, . . . ,t n then the assignment of 
f(tx, ■■■ ,t n ) is the value of the cell f(di, . . . , d n ). 

1 We will consider only domains with finite size. 



An interpretation / based on a pre-interpretation J consists of a mapping 
pi from D n to {false, true} for every n-ary predicate p in P. An interpretation 
/ is often defined as the set of atoms p{d\, . . . , d n ) for which p{d\, . . . , d n ) is 
mapped to true. An interpretation M is a model of a program P iff all clauses 
in P are true in M. For a definite program, the intersection of two models is 
also a model hence a definite program always has a unique least model. As a 
consequence, if a conjunction of atoms is false in some model then it is also false 
in the least model of a definite program. 

Throughout the paper we will use the following simple example about even 
and odd numbers to show the different concepts and program transformations. 

even(zero) . 
even(s(X)) :- odd(X) . 
odd(s(X)) :- even(X) . 

Consider a query ?- even(X) , odd(X) . For simplicity of the presentation we 
will add to the program the definite clause 

even_odd :- even(X) , odd(X) . 

and consider the query ?- even_odd. It cannot succeed as ?- even_odd is 
not a logical consequence of the program. The SLD proof procedure does not 
terminate. This is still the case when extended with tabulation as in XSB-Prolog. 

We choose a domain with two elements D = {0, 1} and consider the pre- 
interpretation J = {zeroj — 0, s,/(0) = l,s,/(l) = 0}. The least model of the 
definite program is {even(0), odd(l)} and the atom even_odd is false in this 
model. 

3 The Method 

Figure [l] shows the general architecture of the system. The input consists of a 
definite program P, a query 1-Q and domain size m. First the program and 
the query are transformed to P t and ?-Q*. The transformation replaces all 
functional symbols with calls to predicates defining the components of the pre- 
interpretation and allows the program to collect the components which were 
used during the evaluation of the query. Also an initial pre-interpretation J is 
constructed for the given domain size m. Then the query ?-Q is evaluated wrt. 
the program P l and the current pre-interpretation J. If the query succeeds then 
it also returns a set of components CS which are necessary for the success of the 
proof. Then, based on CS, the pre-interpretation is modified and the query is run 
again. If we have exhausted all possible pre-interpretations for the given domain 
size then we can eventually increase it and run the system again. If the query 
fails then Q* is false in the least model based on the pre-interpretation J 
and we can conclude that the original query 1-Q cannot succeed. 
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Fig. 1. System architecture 



3.1 Basic Transformation 



To evaluate the query in the least model based on a pre- interpretation J, we use a 
variant of the abstract compilation approach to program analysis used by Codish 
and Demoen in |5j . The pre- interpretation J of a n-ary function / is represented 
by a set of facts Pf{d\, . . . ,d n ,v); one fact for each cell f(di, . . . ,d n ). In the 
source program, non variable terms are represented by their pre-interpretation. 
This is achieved by replacing a term f(t\,... ,t n ) by a fresh variable X and 
introducing a call pf(t\,... ,t n , X). This transformation is repeated for the non 
variable terms in t\ , . . . , t n until all functions are eliminated. Codish and Demoen 
evaluate the resulting DATALOG program bottom up, obtaining the least model 
which expresses declarative properties of the program. In , one also transforms 
the query and using a top-down procedure with tabulation checks whether it fails. 
Experience showed that one typically ends up with computing the whole model of 
the predicates reachable from the query. So the meta-interpreter used there tables 
only the most general call for each predicate. As we want direct execution under 
XSB, our transformation has to take care that a program predicate is only called 
with all variables free and different, so that XSB tables only the most general 
call. To achieve this, a predicate pf(. . . ) which is added to compute a term t 
in a call is inserted after the call and a predicate which is added to compute a 
term in the head is inserted at the end of the clause. Finally, when a call to a 
program predicate contains a variable X which already occurs to the left of its 
position in the clause, then it is replaced by a fresh variable Y and an equality 
X — Y is inserted after the call. The calls to the pre-interpretation are not 
tabled, and a call Pf(g(. ..),...) is transformed in p g (. . . ,X),pf(X, . . .). This 



gives less branching than when p g {. . . ) is added after pf(. . .). For our example 
this gives the following code: 



even(X) :- p_zero(X). 
even(Y) :- odd(X) ,p_s(X,Y) . 
odd(Y) :- even(X) ,p_s(X,Y) . 
even_odd :- even(X) ,odd(Xl) ,X1=X. 



p_zero (0) . 
p_s(0,l) . 
p_s(l,0) . 

In J^] , values are assigned to the cells of the pre- interpretation in an abductive 
way, as needed by the heuristic search for a proof of the query. When a proof is 
found, standard backtracking occurs: the last assigned value is modified. To have 
direct execution under XSB, the pre-interpretation has to be fixed in advance. 
Obviously, it is not feasible to enumerate all possible pre-interpretations until one 
is found for which the query fails. The search has to be guided by the proof found 
so far. Failure analysis and intelligent backtracking have to be incorporated to 
obtain a usable system. 



3.2 Failure Analysis 

Elementary Failure Analysis. As the goal is to find a pre-interpretation for 
which the query fails, failure occurs when the query succeeds. In the more gen- 
eral setting of first order model generation, failure occurs when some formula 
gets the wrong truth value. The FINDER and FMCatinf systems keep track 
of which cells arc used in evaluating a formula and when the formula receives 
the wrong truth value, the set of cells used in evaluating it is used to direct the 
backtracking. In Q the meta-interpreter is extended with such a failure analysis 
and intelligent backtracking is used to guide the search. This substantially im- 
proved the performance of the system. Incorporating these features in the current 
approach which relies on direct execution with XSB of the transformed query, 
requires special care. First let us formalize the notion of conflict set (refutation 
in first order model generators [Q [Tof). 

Definition 1 (Conflict set). A conflict set CS of a definite program P and 
query Q is a finite set of components such that for any pre-interpretation J for 
which CS C J follows that Q is true in any model of P based on J. 

The idea is that any pre-interpretation J which has the same values for all 
components from the conflict set CS can not be extended to an interpretation in 
which the query fails. Hence any candidate pre-interpretation must differ from 
CS in the value of at least one component. Exploiting conflict sets requires first 
to compute them. This can be done by adding to the program predicates an extra 
argument which is used to collect the components used for solving a call to this 
predicate. For example a call even(X) is replaced by even(X,CS) and the answer 



even(O) becomes even(0, [p_zero(0)] ). However there is a potential problem. 
Also even(0, [p_zero(0) ,p_s(0, 1) ,p_s(l ,0)] ) is an answer. Previously, the 
tabling system did not recognize it as a new answer and did not use it to solve 
calls to even/1. But as the value of the added second argument differs from 
that in the first answer, XSB will also use it to solve calls to even/2 and it will 
obtain a third answer. Fortunately, if the list of used components is reduced to 
some canonical form, then the third answer will be identical to the second and 
the evaluation will terminate. However, this repetition of answers with different 
lists of components can substantially increase the cost of the query evaluation. 
Fortunately the XSB system has built-in predicates to inspect and modify the 
tables so we can control this behavior. The idea is to replace a clause 

p(X,CS) :- Body. 

with a clause 

p(X,CS) :- Body,check_return(p(X,CS)) . 

When the body of the clause succeeds, XSB will process the answer p(X 7 CS) 
(add it to the table for the call to p/2 if it is new). Remember, that as the 
transformed program makes only most general calls there is only one table as- 
sociated with each predicate. Using the built-ins, the predicate check-return /l 
looks up the previous answers in the table for p/2 and compares them with the 
candidate answer p{X 1 CS). If there is no other answer with the same X then 
check .return /l and thus p/2 simply succeed. The interesting case is when the 
table already holds an answer p(X, CS id) with a different conflict set CS id (if 
CS id — CS then XSB will recognize it is a duplicate answer). Then several 
strategies are possible for check_return/l: 

— The simplest approach is to let check_return/l fail when the table already 
holds an answer with the same X. 

— An alternative approach is to check whether the new conflict set CS is 
"better" than CS id- Then the old answer is removed from the table and 
checkjreturn/1 succeeds. Otherwise check_return/l fails. 

— Finally, but more expensive for the overall query evaluation, one could al- 
low several answers, only rejecting/removing redundant ones (p{X, CS\) is 
redundant wrt. p(X, CS 2 ) if CSi D CS 2 ). 

Advanced Failure Analysis. A conflict set can be called minimal if it has no 
subset which is a conflict set. Obviously it is not feasible to compute minimal 
conflict sets. However, simply collecting the components used in a proof can be a 
large overestimation. For example, in our planning problems, a three argument 
predicate is used: one argument is the initial state, one argument is the final state 
and one argument is the description of the derived plan. The pre-interpretation 
of the terms representing the plan is completely irrelevant for the failure of the 
query. However the components used to compute it will be part of the conflict 
set. 



To see how to refine our failure analysis, let us reconsider how answers are ob- 
tained. Using a slightly different notation, the base case of the even/1 predicate 
can be written as: 

even(X) :- X=0_J. 

This represents the basic answer, parameterized by the pre-interpretation J. 
Now consider the definition of the odd/1 predicate: 

odd(X) :- even(Y) ,X=s_J(Y) . 

An answer of odd/1 is obtained by performing resolution with the basic an- 
swer for even/1, yielding: 

odd(X) :- Y=Xl,Xl=0_J,X=s_J(Y) . 

This can be generalized, answers for a predicate p/n arc of the form: 

p(Xi , . . . , X n ) <— X\ = t\ j , . . . , X N = t nj , Eqs 

with Eqs a set of equations involving X\ , . . . , X n and some local variables 
Yi, . . . ,Y n . Under the elementary failure analysis the answer is p{ti,, . . . , t nj ) 
and the associated conflict set is the set of components used in computing 
t\j, . . . , t nj and the terms of Eqs. 

The basis for the advanced failure analysis is the observation that the answer 
clauses can be simplified while preserving the solution they represent. Terms form 
equivalence classes under a pre- interpretations. Members of the equivalence class 
can be represented by the domain element which is their pre-interpretation and 
equalities between terms modulo equivalence class can be simplified using three 
of the four Martelli-Montanari simplification rules: 
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• i tnj ) Eqs (remove) 
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P(hj, ■ ■ 
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• 7 tnj) <— X = tj, Eqs is equivalent to 


p{tij,.. 


• ,t nj ){X/tj] <- Eqs{X/tj} (substitute) 



Note that fj(ti r ,... , t nj ) — gj(s\ , , . . . , s mj ), Eqs is not equivalent to false 
and that fj(t\j,... ,t nj ) — fj(s\j,... ,s nj ),Eqs is not equivalent to ti, = 
sij, . . . ,t nj — s nj ,Eqs, hence peel is not allowed. 

So an answer can be simplified to a form 

p(h,,. . . ,t nj ) <- Eqs 

where Eqs contains equations between non variable terms and some of the Uj 
in the head can be variables. The pre-interpretations in the terms of Eqs decide 
whether Eqs is interpreted as true or false, hence the components used in inter- 
preting the terms in Eqs form the real conflict set of the answer. However also 



the components used to interpret the terms ti r of the head are important. When 
the answer is used to solve a call, they become part of new equations. Hence, with 
each variable we should associate a set holding the components used in evaluat- 
ing the term the variable is bound to and with each answer we should associate 
the "real" conflict set. Moreover, the execution of the equalities X = Y has to 
be monitored. When one of X or Y is free then unification can be performed, 
otherwise if X and Y have the same interpretation then the sets of components 
associated with X and Y have to be added to the conflict set of the answer (as 
before the equality fails when X and Y have a different interpretation). Note 
that our transformation is such that calls have fresh variables as arguments, so 
the equality between an argument of a call and an argument of an answer always 
involves a free variable and is correctly handled by standard unification. A final 
point is that the body of the compiled clause has to be carefully ordered: equal- 
ities on predicate calls involving a variable X should precede the interpretation 
of a term containing X, e.g. p(X), Y = fj(X) is a correct ordering: first the call 
p/1 binds X to a domain element and also returns the set of components CSx 
used in computing that domain element. Then Y is bound to a domain element 
and the set of components used in computing it is {fj(X)} U CSx- Taking the 
above into account, the code for our example is as follows: 

even(X,[]) :- comp(p_zero , [] ,X) , check_return(even(X, [] ) ) . 
even(X,CS) :- odd(Y,CS) ,comp(p_s, [Y] ,X) , check_return(even(X,CS) ) . 
odd(X,CS) :- even(Y,CS) ,comp(p_s, [Y] ,X) , check_return(odd(X,CS) ) . 
even_odd(CS) :- 

even(X.EvenCS) ,odd(Y,0ddCS) , 

merge (EvenCS,OddCS,CSl) , unify (X, Y.CSl ,CS) , 

check_return(even_odd(CS) ) . 

Calls to the pre-interpretation are made through an intermediate predicate 
comp/3 defined below. The call to combine_arg_cs/3 collects the conflict sets 
associated with the ground arguments of the function to be interpreted (none 
if the argument is a free variable) in ArgsCS and merge/3 extends ArgsCS with 
Comp, the consulted component of the pre-interpretation, to obtain the final 
conflict set ResCS. 

comp(F,Args,R-ResCS) :- 

combine_arg_cs (Args ,RealArgs , ArgsCS) , 
append ( [F I RealArgs] , [R] ,C) , Comp =.. C, 
call (Comp) , 

merge ([Comp] , ArgsCS , ResCS) . 
combine_arg_cs( [] ,[],[]). 

combine_arg_cs([A-[] IT] , [AlTl] .RestCS) :- !, 

combine_arg_cs(T,Tl,RestCS) . 
combine_arg_cs ( [A-ACS I T] , [A I Tl] , OutCS) : - 

combine_arg_cs(T,Tl,RestCS) , 

merge ( ACS, RestCS, OutCS) . 



The merge /3 predicate makes the union of two sets (represented as lists) 
and places the result in a canonical form and unify/4 is used to monitor the 
unification process and can be defined by the following Prolog code: 

unify(X,Y,S,S) :- (var(X) ; var(Y) ) , !, X=Y. 

unif y(X-Sx,X-Sy ,Sin,Sout) :- merge (Sx, Sy, S) , merge (S , Sin, Sout) . 

The first two arguments are the terms to be unified, the third is the current 
conflict set of the clause and the last argument is the new conflict set of the 
clause. The first clause handles the case that one is a free variable: unification is 
performed and the conflict set of the clause remains the same. The second clause 
handles the case that both arguments X and Y are bound to the same domain 
element. The set of components used in evaluating the first argument (Sx) and 
in evaluating the second argument (Sy) are added to Sin yielding Sout. 

3.3 Intelligent Backtracking 

Under standard backtracking, candidate pre-interpretations are enumerated ac- 
cording to some fixed total ordering ci, C2, . . . , c n of the cells. When some partial 
solution c\ — d\, C2 — d\, . . . ,c m = d^ is rejected then the value assignment d] n 
for the last cell c„ is modified. If no other value is left, then c m _i is modified 
(and all domain elements become again available for c m ). The simplest use of 
conflict sets is based on the observation that no extension of the conflict set can 
be a solution, so the last element according to the total order over the cells of the 
conflict set is selected and the assignment to this cell is modified. However also 
secondary conflict sets can be derived pi. Assume, due to different conflicts, all 
values for some cell c n have been rejected. With {c^i, . . . , Cj^, c„} the conflict 
set which led the rejection of di we can formalize the knowledge in the conflict 
sets as: 

ci,i = A ... A ci t k! = rfi.fcj A c„ = di — > false 

Cm,i — d m ,\ A ... A c m ^ m — ^*m,fe m A c n d m > false. 

As we have that cell c n must be assigned some domain element, we have c n — 
di V . . . V c n = d rn . Applying hyper-resolution ||, one can infer 

ci.i = di.i A ... A ci M = d 1M A 

c m ,i = d„ h i A ... A c TOjfcm = d mt k m — > false 

which says that {c± t i, . . . , ci^, . . . , c TOi i, . . . , c mi k m } is also a conflict set. 

At the implementation level, an accumulated conflict set is associated with 
each cell and initialized as empty. When a conflict {ci, . . . , c n ~i, c n } is derived 
with c„ its last cell, then {ci, ... ,c„_i} is added to the accumulated conflict 



set of c„. Once all assignments to a cell are exhausted, its associated conflict set 
holds the secondary conflict which can be used to direct further backtracking. 
This is the approach taken in |?| where it worked quite well, as the initial order 
was carefully chosen. In the current implementation, where the initial order over 
the cells is random, the system had to do much more search before finding a 
solution. Hence we adopted a variant of intelligent backtracking mentioned in 
which leaves the cells unordered until they participate in a conflict. Under 
this approach, cells are split over two sets, a set with a total order (initially 
empty) and a set which is unordered. When a conflict is found, the cells from 
it which are in the unordered set (if any) are moved to the end of the ordered 
set. Then the last cell of the conflict set is chosen as target of the backtracking. 
Cells which are after the target in the total order return to the unordered set. 
This approach resulted in substantially better results. 

3.4 Dealing with Equational Problems 

There exists many problems which contain only one predicate, the equality pred- 
icate eg/2. They consist of a number of facts eq[t^ , U 2 ) <— for i = 1, . . . , m and 
a number of denials <— eq(sj 1 ,Sj 2 ) for j = 1, . . . , n. To solve such problems, 
one has to add to the program the axioms for the equality theory for reflexivity, 
symmetry, transitivity and function substitution, the latter consists of an axiom 



for each functor f/n. The least model of the standard equality theory is the 
identity relation over the domain of the interpretation, hence the search space 
can be reduced by restricting the interpretation of eq/2 to the identity relation. 

In the abductive system of ||, this is achieved by initializing the interpre- 
tation of eq/2 as identity, and removing the standard equality theory (only the 
problem specific facts and denials remain). Backtracking is initiated as soon as 
cither one of the denials eq(sj 1 , Sj 2 ) evaluates to true or one of the facts eq{ti t , tj 2 ) 
results in an answer which is not in the identity relation. 

With direct execution under XSB, a slightly different approach is required. 
Unification reduces to the identity relation, hence after compiling the terms, the 
call to eq/2 can be done by unifying the compiled terms. However, the problem 
is that all facts and denials need to be activated. Therefore a new predicate p/0 
is introduced and defined as follows: 

p <- ^eq{t ix ,ti 2 ). i= 1, ... ,m 
P *- eq{s n ,s n ). j = 1,... ,n 

Proving failure of the query <— p yields the desired pre-interpretation. Indeed p 
is equivalent to 



f(X x , . . . , X n ) = f(Yx, . . . ,Y n ) <- X x = Y x A . . . A X n = Y n . 




Kz<m 



l<j<n 



Hence p fails if the right-hand side is true, i.e. if 



f\ V eq{t n ,U 2 ) A f\ y^eq{s n ,s n ) 

l<z<m 

is true. Veg(tj i; ti 2 ) is equivalent with the fact eq(ti 17 ti 2 ) and V->eg(sj 1 , Sj 2 ) is 
equivalent to the denial — eq{s n . Sj 2 ). Thus p fails if the conjunction of the orig- 
inal facts and denials is true under the chosen pre-interpretation. Compilation 



of terms is as described in Section 3T, i.e. a call eq(sj 1 , Sj 2 ) is replaced by a call 
Xj ± — Xj 2 preceded by the code computing the pre-interpretation of Sj 1 and Sj 2 . 
A call ->eq(ti 1 ,ti 2 ) is handled in a similar way; the built-in \= (not unifiable) 
can be used instead of not equal. However, special care is required to ensure the 
arguments are ground in case t it or t i2 is a variable. Whereas the compilation 
leaves such variables intact, here it has to be mapped (the mapping introduces 
a backtrack point) to a domain element. 



Similarly as in Section 3.2, conflict sets can be associated with terms for the 
task of advanced failure analysis. Hence a call ->eq(t il ,t i2 ) is transformed in the 
sequence interpret{ti 1 , X^) , interpret(ti 2 , Xi 2 ) , disuni j 'y(Xi 1 , Xi 2 , Si n , S ou t) where 
interpret /2 is an abbreviation for the sequence of calls computing the pre- 
interpretation of the term and the associated conflict set and disuni fy /A is 
defined as 

disunify(X-Sx,Y-Sy, Sin, Sout) :- 

X\=Y, merge (Sx,Sy,S) , merge (S, Sin, Sout) . 



4 Experiments 
4.1 The Problems 

We tested our system with a large number of different problems. Below we give 
a short description for each one of them and for some of them the source code 
is given in Appendix |X| 



List Manipulation. The appendlast problem uses the standard definition of 
the predicates append and last and the following query: 

appendlast :- append(X, [a], Xs),last(Xs, b) . 

The reverselast problem is similar to the appendlast problem but uses the 
version of the predicate reverse with accumulator: 

reverselast:- reverse(L, R, [a]), last(R, b) . 

The nreverselast problem uses the "naive" definition of reverse: 

nreverselast :- reverse ( [a I X] , R) , last(R, b) . 



Multisets. The multiset?o are programs to check the equivalence of two mul- 
tisets using a binary operator "o" to represent them. multiset3o is a problem 
which has a solution, thus failure cannot be proven for it. 



Planning in the Blocks- World. These are simple problems for planning in 
the blocks-world. The theory for the blockpair problems has, besides the usual 
actions of the blocks-world, an action to add or remove a pair of blocks. In the 
blockzero problems, the extra action is to create a new block named s(X) on 
top of a clear block X. 

The queries ending in "o" use multisets based on the function o/2 and those 
ending in "1" use a standard list representation. Those problems which have the 
number 2 in their name do not collect the plan and those having 3 store the plan 
in the second argument. blockzero21sn is a problem which has a solution. 



TPTP-Problems. The rest of the examples are taken from the TPTP problem 
library jll]]. In Table [l] in brackets are given the TPTP names for each one of 
them. All these problem s ar e equational problems and are transformed in the 
way described in Section [Oj. 

The tba problem is to prove an independence of one axiom for ternary boolean 
algebra. 

The grp problem is to prove that some axiom is not a single axiom for group 
theory. 

The cl3 problem is from the domain of combinatory logic and the goal is to find 
a set of combinators which satisfy axioms S and W and do not satisfy the weak 
fixed point property. 

Table @ gives some details about the properties of the problems. The column 
#pred shows the number of predicates. The column size dom gives the domain 
size for which the query has been evaluated (which is, for the failing queries, 
the minimum domain size for which a model proving failure exists) . The column 
size pre gives the number of cells in the pre-interpretation and the next column 
#pre gives the number of all possible pre-interpretations for the given domain 
size. The column size int gives the number of atoms to be assigned a truth value 
in an interpretation and the last column #int/pre gives the number of different 
interpretations for a fixed pre-interpretation. For the TPTP problems this value 
is 1 because they have only one predicate for which the interpretation is known 
to be identity. 



4.2 Results 

The results with FMC atin f were taken from jj or were sent to us by its author 
which was using a SUN 4 ELC machine. All other systems were run on SUN 
Sparc Ultra-2 computer. The system AB is the abductive system described in 

2 corresponds to blocksol in pj] and M 



Table 1. Example properties 



Example 


#pred 


size dom 


size pre 


#pre 


size int 


#int / pre 


appendlast 


2 


3 


12 


3 1 ' 2 


13 


2 13 


reverselast 


2 


3 


12 


3 12 


13 


2 13 


nreverselast 


3 


5 


28 


5 28 


150 


2 150 


multisetlo 


1 


2 


7 


2' 


4 


2 4 


multiset2o 


1 


2 


7 


2 7 


4 


2 4 


multiset3o 


1 


2 


7 


2 7 


4 


2 4 


blockpair2o 


3 


2 


19 


2 iy 


12 


2 12 


blockpair3o 


3 


2 


36 


2 36 


20 


2 20 


blockpair21 


5 


2 


19 


2 19 


32 


2 32 


blockpair31 


5 


2 


36 


2 36 


40 


2 40 


blockzero2o 


3 


2 


19 


2 19 


12 


2 12 


blockzero3o 


3 


2 


35 


2 35 


20 


2 20 


blockzero21 


5 


2 


19 


2 19 


32 


2 32 


blockzero31 


5 


2 


35 


2 35 


40 


2 40 


blockzero21s 


5 


2 


19 


2 19 


32 


2 32 


tba (BOO019-1) 


1 


3 


32 


3 32 


9 


1 


grp (GRP081-1) 


1 


2 


17 


2 17 


4 


1 


cl3 (COL005-1) 


1 


3 


12 


gl2 


9 


1 



however, running under (the slower) XSB-Prolog instead of Master Prolog 
for equal comparison. We used FINDER H] version 3.0.2 and SEM Q version 
1.7 which are well known model generators implemented in C. 

The system naive results from the direct translation of the system AB to XSB: 
it uses the same failure analysis, it starts from a random total order over the 
cells of the pre-interpretation and it uses the simplest variant of checkjreturn 
which sticks to the first answer whatever the associated conflict set is. For the 
TPTP problems the standard equality axioms were used. 

The systems single CS and best CS use a more sophisticated version of 
checkjreturn which prefers the answer with the shorter conflict set, advanced 
failure analysis and the more sophisticated version of intelligent backtracking 
which leaves elements unordered until they participate in a conflict set. The 
system single CS uses the first answer to the top level query to direct the back- 
tracking. The system best CS computes all answers to the top level query and 
then selects from them the conflict set which will add the fewest number of cells 
to the ordered sequence. Both systems use the technique described in Section 3.4 
on the TPTP problems. 

Table || gives the times obtained by the different systems. The time is in 
seconds unless followed by H, then it is in hours. A "-" means the example was 
not run. A "> n" means the system had still no solution after time n. 

Table || shows the number of generated and tested pre-interpretations (num- 
ber of backtracks). For the SEM system, we have modified the source code to 
report exactly this number. For the FINDER system we report the sum of the 



Table 2. Execution times 



Example 


naive 


single CS 


best CS 


AB 


FINDER 


SEM 


FMCatinf 


appendlast 


919 


0.76 


1.63 


1.42 


0.07 


0.01 


45.21 


reverselast 


918 


0.85 


1.85 


1.00 


0.10 


0.01 


10.79 


nreverselast 


>2706 


>1673 


178 


17.5H 


> 1446 


957 


>900 


multisetol 


0.18 


0.06 


0.12 


0.08 


0.02 


0.01 


- 


multiseto2 


0.07 


0.20 


0.47 


0.10 


0.02 


0.01 


0.02 


multiseto3 


0.94 


0.54 


2.77 


0.28 


0.03 


0.01 




blockpair2o 


451 


0.86 


3.14 


5.05 


0.07 


0.05 


7.31 


blockpair3o 


>58 


0.94 


3.90 


21.97 


0.18 


0.23 


>900 


blockpair21 


5303 


1.86 


7.85 


3.56 


0.04 


0.05 


204.9 


blockpair31 


>222 


2.05 


9.70 


53.88 


0.12 


0.18 


>900 


blockzero2o 


7.93 


7.94 


4.35 


2.84 


0.11 


0.09 




blockzero3o 


162 


8.86 


5.41 


24.48 


0.22 


1.98 




blockzero21 


18.49 


2.00 


20.71 


5.67 


0.23 


0.10 




blockzero31 


40.35 


2.06 


24.76 


37.23 


0.33 


2.39 




blockzero21s 


11.8H 


648 


2631 


593 


2287 


5.05 


>900 


tba 


>950 


1331 


3.65 


3.29 


0.03 


0.03 


0.06 


grp 


1189 


1.05 


5.89 


13.94 


0.03 


0.01 




c!3 


0.13 


3.85 


1.63 


1.03 


0.02 


0.03 


0.04 



number of bad candidates tested and other backtracks. Also in this table "-" 
means not run, "> n" means already n backtracks when interrupted. For the 
system best CS we give an additional column total which shows the total number 
of conflict sets obtained as "answers" to the query (divided by the number of 
backtracks, this gives the average number of conflict sets obtained when running 
the query). 

4.3 Discussion 

Comparing the systems naive and AB, we see that the straightforward transfer 
of AB to XSB results in a much worse behavior. Hence the heuristics used by 
AB to control the search have a big impact. 

The effect of the advanced failure analysis is not reported separately. Its 
impact is only visible in the block*3? problems which compute, for the failure 
analysis, an irrelevant output argument. The advanced failure analysis makes 
these problems behave as well as the corresponding block*2? problems. Note 
that the AB system as well as all first order model generators behave much worse 
on the 3-argument problems than on the corresponding 2-argumcnt problems. 
As computing some output is a natural feature of a logic program, the advanced 
failure analysis is an important asset of our system. 

Adding more sophisticated backtracking which does not fix the order of 
the cells in advance yields a substantial improvement on most problems. The 
system single CS which sticks everywhere to the first conflict set is often the 



Table 3. Number of backtracks 



Example 


naive 


single CS 


best CS 


AB 


FINDER 


SEM 


FMC ATINF 




#bckt 


#bckt 


#bckt 


total 


#bckt 


#bckt 


#bckt 


#bckt 


appendlast 


41045 


56 


27 


136 


43 


180 


27 


110019 


reverselast 


41045 


56 


27 


133 


30 


211 


27 


23445 


nreverselast 


> 10000 


>2000 


221 


2426 


190170 


> 10 7 


31285086 


>? 


multisetlo 


4 


3 


3 


11 


4 


4 


3 


- 


multiset2o 


14 


14 


12 


38 


10 


31 


8 


104 


multiset3o 


127 


75 


76 


122 


33 


75 


86 




blockpair2o 


9323 


34 


32 


55 


17 


273 


918 


5567 


blockpair3o 


>3000 


34 


32 


55 


56 


879 


2904 


>? 


blockpair21 


32873 


76 


66 


117 


33 


68 


918 


91404 


blockpair31 


>6000 


76 


66 


117 


204 


359 


2904 


>? 


blockzero2o 


577 


241 


48 


148 


158 


823 


3495 




blockzero3o 


1245 


241 


48 


148 


500 


897 


63032 




blockzero21 


1145 


190 


181 


1044 


98 


1131 


3415 




blockzero31 


2289 


190 


181 


1044 


380 


1123 


63288 




blockzero21s 


128926 


21544 


20284 


31969 


3615 


3999226 


201882 




tba 


>4000 


95369 


41 


91 


72 


23 


5 


33 


grp 


19996 


71 


138 


210 


361 


24 


14 




cl3 


5 


670 


93 


191 


41 


30 


3 





fastest, although it often needs more backtracks than best CS. It fails only on 
nreverselast which uses a 5 element domain and has a very large search space. 
However, on the equality problems it becomes obvious that a good choice of 
a conflict set is essential for solving such problems. In number of backtracks, 
best CS" compares quite well with AB. Only on blockzero21s it needs a lot more 
backtracks, while it needs a lot less on nreverselast. Perhaps on blockzero21s, 
which has no solution, it suffers from the less optimal ordering because the search 
space has to be searched exhaustively. 

From the model generators FINDER and SEM perform reasonably well in 
terms of time and also in number of backtracks. However, the results for FINDER 
were obtained only after a fine tuning of the different parameters and the repre- 
sentation of the problems (see S). The system also uses intelligent backtracking 
for deriving secondary conflict sets and some other forms of failure analysis. It 
has a smaller number of backtracks on the more complex planning problems 
than SEM. The system SEM is the fastest in raw speed and is not so sensible to 
the problem representation. Of the model generators, the system FMCatinf is 
the weakest on the class of problems we consider. This result contrasts with the 
results in where it is the best on several problems. 

Compared with our system the model generators have to backtrack much 
more on the planning problems and the other logic programs where they have to 
explore the full space of interpretations while we look only for the least model 
of the program for a given pre-interpretation (the extra cost of evaluating the 



query in the least model is more than compensated for by the exponentially 
smaller search space). On the TPTP problems our system is doing worse which 
suggests that there is further room for making better use of the information in 
conflict sets. 

5 Conclusion 

In this paper we presented a method for proving failure of queries for definite 
logic programs based on direct execution of the abstracted program in XSB- 
Prolog, a standard top-down proof procedure with tabulation. 

By using a better form of intelligent backtracking (proposed in [Q) which 
does not fix the enumeration order in advance and an improved failure analysis, 
wc were able to compensate for the loss of flexibility which results from the direct 
execution of the abstracted program. 

This way of intelligent backtracking could also be interesting for other sys- 
tems, e.g. FMCatinf of which Peltier reports that it is quite sensitive to the 
initial enumeration order. 

While difference in speed with the AB system are modest, the approach is 
still very interesting as the depth-first left-to-right execution results in a much 
better memory management so that larger problems can be tackled. The meta- 
interpreter of the AB system keeps track of the whole top-down proof tree in 
evaluating the query, which leads to very large memory consumption. 

Interesting future work is to further investigate some control issues. One 
could explore whether there is a good compromise between computing only one 
solution to the query and computing all solutions. One could try to further 
improve the backtracking by developing some heuristics which order a group of 
new elements when they are inserted in the ordered sequence. 
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A Code for Some of the Problems 
A.l Multiset 

multisetlo :- sameMultiSet (a, X), sameMultiSet(X, b) . 

multiset2o :- sameMultiSet(o(a,o(a,emptyMultiSet)) ,o(X,o(emptyMultiSet,b))) . 
multiset3o :- sameMultiSet(o(a,o(a,o(emptyMultiSet,b))) , 
o(o(a,b) ,o(a,emptyMultiSet) ) ) . 



sameMultiSet (X, X) 



sameMultiSet (o(X, Y) , o(X, Z)):- sameMultiSet(Y, Z) . 
sameMultiSet (o(o(X, Y) , Z) , U) : - sameMultiSet (o(X, o(Y, Z)), U) . 
sameMultiSet (U, o(o(X, Y) , Z)):- sameMultiSet (U, o(X, o(Y, Z))). 
sameMultiSet (o(emptyMultiSet, X), Y):- sameMultiSet (X, Y) . 
sameMultiSet (X, o (emptyMultiSet , Y) ) : -sameMultiSet (X , Y) . 
sameMultiSet (o(X, Y) , Z) :- sameMultiSet (o(Y, X), Z) . 

A. 2 Planning Problems 

Blocks are identified by integers represented as terms with the constant and 
the function s/1. The actionZero /3 predicate gives the possible actions and the 
causes Zero / '3 predicate tries to find a plan. In both predicates the first argument 
is the initial state, the last argument is the final state and the plan is collected 
in the second argument. 

blockzero3o :- 

causesZero(o(o(on(s(s(0)) , s(0)), cl(s(s(0) ) ) ) , em), Plan, 
o(on(s(0), 0), Z)). 

causesZero(Il , void, 12):- 

sameMultiSetCll, 12). 
causesZerod , plan(A, P) , G):- 

actionZero(C, A, E) , 

sameMultiSet (o(C, Z) , I), 

causesZero(o(E, Z) , P, G) . 

actionZero (holds (V) , put_down(V) , 

o(table(V), o(clear(V), mil))). 
actionZero (o (clear (V) , o (table (V), mil)), pick_up(V), 

holds (V) ) . 

actionZero (o (holds (V) , clear(W)), stack(V, W) , 

o(on(V,W), o(clear(V), mil))). 
actionZero(o(clear (V) , o(on(V, W) , mil)), unstack(V), 

o (holds (V) , clear (W))) . 
actionZero(o(on(X, Y) , o(clear(X), mil)), generate_block, 

o(on(s(X), X), o(on(X, Y) , o(clear(s(X)) , mil)))). 
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